A Florida operator of an Internet advertising and e-mail business was
indicted on 144 federal counts Wednesday in what the Department of Justice
(DOJ) characterized as likely the largest case to date of stolen personal
data.
Scott Levine, a 45-year-old resident of Boca Raton, allegedly stole
approximately 8.2 gigabytes of information from Acxiom Corp., one of the
world’s largest companies managing personal, financial and corporate data.
According to the DOJ, there is no evidence the data was used in any
fraudulent schemes.
The charges stem from alleged illegal intrusions by Levine and employees of
his Snipermail.com firm into a computer database owned and operated by the
Arkansas-based Acxiom.
The indictment charges Levine with conspiracy,
unauthorized access of a protected computer, access device fraud, money
laundering and obstruction of justice.
“The protection of personal information stored on our nation’s computer
systems is critical to public trust in those networks and to the health of
our economy,” Assistant Attorney General Christopher Wray said in a
statement. “We will aggressively pursue those who steal private information
from computer networks and make it clear that there are serious consequences
for such crimes.”
Acxiom integrates data, services and technology for a
number of high-profile clients, including major credit card companies. The
company has headquarters in Little Rock and has offices throughout the
United States, Europe, Australia and Japan.
In July 2003, investigators with the Sheriff’s office in Hamilton County,
Ohio, discovered during the course of an unrelated investigation that an
Ohio resident named Daniel Baas had illegally entered into an Acxiom server
and had downloaded significant amounts of data. During the course of that
investigation, and in follow-up internal investigations conducted by Acxiom,
a second set of intrusions was discovered and traced to the Snipermail
systems.
Acxiom sought assistance from the U.S. Attorney’s Office for the Eastern
District of Arkansas, the FBI and the Secret Service, who formed a task
force utilizing the FBI’s Regional Computer Forensics Laboratory in Dallas.
The task force claims that beginning in April 2002, individuals employed at
Snipermail allegedly obtained access to databases on the ftp.acxiom.com
server in Conway, Ark., and by the spring of 2003, started regularly
accessing large data files and downloading them. The indictment alleges the
activity continued through July 2003.
Wednesday’s indictment also states that Levine and others actively concealed
computers from investigators during the course of the investigation in order
to hide their illicit activity and to avoid prosecution. Six other
individuals associated with Snipermail have agreed to cooperate in this
investigation.
